Lecture 5 

Linear Congruences, Chinese Remainder Theorem, Algorithms 

Recap: the linear congruence $ax \equiv b \pmod m$ has a solution if and only if $g = (a, m)$ divides $b$. How do we find these solutions?

Case 1: $g = (a, m) = 1$. Then invert $a$ mod $m$ to get $x \equiv a^{-1} b \pmod m$. Algorithmically, find $a x_0 + m y_0 = 1$ with the Euclidean Algorithm; then $a x_0 \equiv 1 \pmod m$, so $x_0 = a^{-1}$, and $x = x_0 b = a^{-1} b$ solves the congruence (since $ax = a(x_0 b) = (a x_0) b \equiv b \pmod m$). Conclusion: there is a unique solution mod $m$.

Case 2: $g = (a, m) > 1$. If $g \nmid b$, there are no solutions. If $g \mid b$, write $a = a'g$, $b = b'g$, $m = m'g$, so that $ax \equiv b \pmod m$ holds if and only if $a'x \equiv b' \pmod{m'}$, where now $(a', m') = 1$. The unique solution $x$ mod $m'$ (found by Case 1) also satisfies $ax \equiv b \pmod m$, so we have one solution mod $m$. Any solution mod $m$ must be congruent to $x$ mod $m'$, so it must have the form $x + m'k$ for some $k$. As $k$ goes from $0$ through $g - 1$ we get the $g$ distinct integers mod $m$: $x, x + m', x + 2m', \ldots, x + (g-1)m'$, which all satisfy $ax \equiv b \pmod m$ because

$$\begin{aligned}
a(x + km') &= ax + akm' \\
&= ax + a'gkm' \\
&= ax + m(a'k) \\
&\equiv ax \pmod m \\
&\equiv b \pmod m
\end{aligned}$$

Conclusion: this congruence has $g = (a, m)$ solutions mod $m$.

E.g.,

$$35x \equiv 14 \pmod{28}$$

$(35, 28) = g = 7$. To solve, first divide through by $7$ to get $5x \equiv 2 \pmod 4$. The solution of $5x \equiv 2 \pmod 4$ is $x \equiv 2$ (since $5 \equiv 1 \pmod 4$), which also satisfies the original congruence. With $m' = 28/7 = 4$, all solutions mod $28$ are $2, 6, 10, 14, 18, 22, 26$.
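As an added worked example (not part of the original notes), here is the two-case procedure above in Python: the extended Euclidean algorithm supplies $x_0$ with $a x_0 + m y_0 = g$, Case 2 divides through by $g$, and the $g$ solutions $x + k m'$ are listed. The function names are my own.

```python
def ext_gcd(a, b):
    """Extended Euclidean algorithm.

    Returns (g, x, y) with a*x + b*y = g = gcd(a, b).
    """
    if b == 0:
        return (a, 1, 0)
    g, x1, y1 = ext_gcd(b, a % b)
    # b*x1 + (a % b)*y1 = g and a % b = a - (a // b)*b, so rearrange:
    return (g, y1, x1 - (a // b) * y1)


def solve_linear_congruence(a, b, m):
    """Return the sorted list of all solutions x (0 <= x < m) of a*x = b (mod m).

    Returns [] when g = gcd(a, m) does not divide b (no solutions).
    Otherwise there are exactly g solutions, spaced m' = m/g apart.
    """
    g, x0, _ = ext_gcd(a, m)
    if b % g != 0:
        return []
    # Case 2 reduction: a' x = b' (mod m') with gcd(a', m') = 1.
    a1, b1, m1 = a // g, b // g, m // g
    # From a*x0 + m*y0 = g we get a1*x0 + m1*y0 = 1, so x0 is a1^{-1} mod m1
    # (Case 1); the unique solution mod m1 is x0*b1.
    x = (x0 * b1) % m1
    assert (a1 * x - b1) % m1 == 0
    # Lift to mod m: x, x + m', x + 2m', ..., x + (g-1)m'.
    return [x + k * m1 for k in range(g)]


if __name__ == "__main__":
    # The worked example from the notes: 35x = 14 (mod 28).
    print(solve_linear_congruence(35, 14, 28))
```

Running the script reproduces the seven solutions of $35x \equiv 14 \pmod{28}$; passing a congruence such as $8x \equiv 3 \pmod{12}$, where $g = 4$ does not divide $3$, returns an empty list.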

Simultaneous System of Congruences to Different Moduli: Given

$$\begin{aligned}
x &\equiv a_1 \pmod{m_1} \\
x &\equiv a_2 \pmod{m_2} \\
&\;\;\vdots \\
x &\equiv a_k \pmod{m_k}
\end{aligned}$$

Does this system have a common solution? (Not always, e.g., $x \equiv 3 \pmod 8$ and $x \equiv 1 \pmod{12}$.) In general, we need some compatibility conditions.
Theorem 25 (Chinese Remainder Theorem). If the moduli are coprime in pairs (i.e., $(m_i, m_j) = 1$ for $i \ne j$), then the system has a unique solution mod $m_1 m_2 \cdots m_k$.

Proof of Uniqueness. Suppose there are two solutions, $x \equiv y \equiv a_1 \pmod{m_1}$, $x \equiv y \equiv a_2 \pmod{m_2}$, etc. Then $m_1 \mid (x - y)$, $m_2 \mid (x - y)$, etc. Since the $m$'s are relatively prime in pairs, their product $m_1 m_2 \cdots m_k$ divides $x - y$ as well, so $x \equiv y \pmod{m_1 m_2 \cdots m_k}$. So the solution, if it exists, must be unique mod $m_1 m_2 \cdots m_k$. ∎

Proof of Existence. Write the solution as a linear combination of the $a_i$,

$$A_1 a_1 + A_2 a_2 + \cdots + A_k a_k.$$

We want to arrange that, mod $m_i$, all the $A_j$ for $j \ne i$ are $\equiv 0$, and $A_i \equiv 1 \pmod{m_i}$. Let

$$\begin{aligned}
N_1 &= m_2 m_3 \cdots m_k \\
N_2 &= m_1 m_3 \cdots m_k \\
&\;\;\vdots \\
N_i &= m_1 m_2 \cdots m_{i-1} m_{i+1} \cdots m_k
\end{aligned}$$

So $(N_i, m_i) = 1$, since all the other $m_j$ are coprime to $m_i$. Let $H_i$ equal the multiplicative inverse of $N_i$ mod $m_i$, and let $A_i = H_i N_i$. Then $A_i \equiv 0 \pmod{m_j}$ for $j \ne i$ and $A_i \equiv 1 \pmod{m_i}$. So now let

$$\begin{aligned}
x &= A_1 a_1 + A_2 a_2 + \cdots + A_k a_k \\
&= H_1 N_1 a_1 + H_2 N_2 a_2 + \cdots + H_k N_k a_k.
\end{aligned}$$

Then if we take this mod $m_i$, all the terms except the $i$th vanish (since $m_i \mid N_j$ for $j \ne i$). So

$$\begin{aligned}
x &\equiv H_i N_i a_i \pmod{m_i} \\
&\equiv a_i \pmod{m_i}. \qquad \blacksquare
\end{aligned}$$



E.g.,

$$x \equiv 2 \pmod 3, \quad x \equiv 3 \pmod 5, \quad x \equiv 5 \pmod 7.$$

$$\begin{aligned}
N_1 &= 5 \cdot 7 = 35 \equiv 2 \pmod 3, & H_1 &= 2 \\
N_2 &= 3 \cdot 7 = 21 \equiv 1 \pmod 5, & H_2 &= 1 \\
N_3 &= 3 \cdot 5 = 15 \equiv 1 \pmod 7, & H_3 &= 1
\end{aligned}$$

$$\begin{aligned}
x &\equiv H_1 N_1 a_1 + H_2 N_2 a_2 + H_3 N_3 a_3 \pmod{m_1 m_2 m_3} \\
&= 2 \cdot 35 \cdot 2 + 1 \cdot 21 \cdot 3 + 1 \cdot 15 \cdot 5 \pmod{105} \\
&= 278 \pmod{105} \\
&\equiv 68 \pmod{105}
\end{aligned}$$
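An added implementation (mine, not from the notes) of the construction in the existence proof: each $N_i$ is the product of the other moduli, $H_i$ is its inverse mod $m_i$ (computed with Python's built-in `pow(N_i, -1, m_i)`, available from Python 3.8), and $x = \sum H_i N_i a_i$ is reduced mod the product. Moduli that are not pairwise coprime are rejected, since the theorem only covers that case.

```python
from math import gcd


def crt_coefficients(moduli):
    """Return the list of (N_i, H_i) pairs for pairwise coprime moduli.

    N_i is the product of all moduli except m_i, and H_i is N_i^{-1} mod m_i,
    so A_i = H_i * N_i is 1 mod m_i and 0 mod every other m_j.
    Raises ValueError if two moduli share a factor.
    """
    k = len(moduli)
    for i in range(k):
        for j in range(i + 1, k):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(f"moduli {moduli[i]} and {moduli[j]} are not coprime")
    total = 1
    for m in moduli:
        total *= m
    pairs = []
    for m_i in moduli:
        n_i = total // m_i           # product of the other moduli, coprime to m_i
        h_i = pow(n_i, -1, m_i)      # multiplicative inverse of N_i mod m_i
        pairs.append((n_i, h_i))
    return pairs


def crt(residues, moduli):
    """Solve x = a_i (mod m_i) for all i, with pairwise coprime moduli.

    Returns (x, M) where M = m_1 * ... * m_k and 0 <= x < M is the unique
    solution mod M guaranteed by the Chinese Remainder Theorem.
    """
    if len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    pairs = crt_coefficients(moduli)
    total = 1
    for m in moduli:
        total *= m
    x = 0
    for a_i, (n_i, h_i) in zip(residues, pairs):
        x += h_i * n_i * a_i         # the A_i a_i term of the proof
    x %= total
    # Sanity check: x really has every required residue.
    for a_i, m_i in zip(residues, moduli):
        assert (x - a_i) % m_i == 0
    return x, total


if __name__ == "__main__":
    # The example from the notes: x = 2 (3), x = 3 (5), x = 5 (7).
    print(crt_coefficients([3, 5, 7]))   # [(35, 2), (21, 1), (15, 1)]
    print(crt([2, 3, 5], [3, 5, 7]))     # (68, 105)
```

The `crt_coefficients` output is exactly the table of $N_i$ and $H_i$ worked above; the incompatible pair $x \equiv 3 \pmod 8$, $x \equiv 1 \pmod{12}$ from earlier raises `ValueError` because $(8, 12) = 4$.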

Note: Assuming we have $m_1, m_2, \ldots, m_k$ that are relatively prime, the Chinese Remainder Theorem says that any choice of $a_1 \bmod m_1$, $a_2 \bmod m_2$, etc. gives rise to a particular $x(a_1, a_2, \ldots, a_k, m_1, \ldots, m_k) \bmod m_1 m_2 \cdots m_k$. The number of choices we have is $m_1 m_2 \cdots m_k$, which agrees with the number of integers mod $m_1 m_2 \cdots m_k$.

Note: $x(a_1, a_2, \ldots, a_k, m_1, \ldots, m_k)$ is coprime to $m_1 m_2 \cdots m_k$ if and only if $(a_i, m_i) = 1$ for every $i$.

• If $x$ is coprime to $\prod m_i$ then it is coprime to each of them, so since $x \equiv a_i \pmod{m_i}$, we'll also have $(a_i, m_i) = 1$.

• Conversely, if $(a_i, m_i) = 1$ for all $i$, then since $x \equiv a_i \pmod{m_i}$, this implies that $(x, m_i) = 1$ holds for all $i$, so $(x, \prod m_i) = 1$ as well.

What is the number of $x$ coprime to $\prod m_i$? (By definition this is $\phi(m_1 m_2 \cdots m_k)$.) It is

$$\underbrace{(\#\text{ of choices of } a_1)}_{\phi(m_1)} \cdot \underbrace{(\#\text{ of choices of } a_2)}_{\phi(m_2)} \cdots$$

with each $a_i$ coprime to $m_i$. This gives the corollary that if the $m_i$ are coprime in pairs, $\phi(\prod m_i) = \prod \phi(m_i)$. We can use this to understand $\phi(n)$ for any $n$: writing $n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$, the moduli

$$m_1 = p_1^{e_1}, \quad m_2 = p_2^{e_2}, \quad \ldots, \quad m_k = p_k^{e_k}$$

are coprime in pairs, so

$$\phi(n) = \phi(p_1^{e_1})\,\phi(p_2^{e_2}) \cdots \phi(p_k^{e_k}).$$

All we need, then, is how to find $\phi(p^e)$.

$$\phi(p^e) = \#\{x \mid 1 \le x \le p^e \text{ and } (x, p) = 1\} \quad (\text{and so } (x, p^e) = 1)$$

The integers in $1, \ldots, p^e$ that are not coprime to $p$ are exactly the multiples of $p$, and there are $p^{e-1}$ of them, so

$$\begin{aligned}
\phi(p^e) &= p^e - p^{e-1} \\
&= p^{e-1}(p - 1) \\
&= p^e \left(1 - \frac{1}{p}\right)
\end{aligned}$$

and so

$$\begin{aligned}
\phi(n) &= p_1^{e_1 - 1}(p_1 - 1)\, p_2^{e_2 - 1}(p_2 - 1) \cdots p_k^{e_k - 1}(p_k - 1) \\
&= p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k} \left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right) \\
&= n \prod_{p \mid n} \left(1 - \frac{1}{p}\right)
\end{aligned}$$
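To make the corollary $\phi(\prod m_i) = \prod \phi(m_i)$ and the prime-power formula concrete, here is an added Python example (not from the notes) that computes $\phi(n)$ from the factorization and cross-checks it against a direct count of the $x \le n$ coprime to $n$. Trial-division factorization is adequate for the small $n$ used here; the function names are my own.

```python
from math import gcd


def factorize(n):
    """Trial-division factorization: returns {p: e} with n = product of p**e.

    Fine for small n; it is only here to feed the phi formula.
    """
    factors = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:                      # whatever is left is a prime factor
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi_prime_power(p, e):
    """phi(p^e) = p^e - p^(e-1) = p^(e-1) (p - 1).

    Of the integers 1..p^e, exactly the p^(e-1) multiples of p share a factor with p^e.
    """
    return p ** (e - 1) * (p - 1)


def phi(n):
    """Euler's phi via the CRT corollary: phi(n) = product of phi(p_i^e_i).

    The prime powers p_i^e_i are coprime in pairs, so phi is multiplicative over them.
    """
    result = 1
    for p, e in factorize(n).items():
        result *= phi_prime_power(p, e)
    return result


def phi_by_counting(n):
    """Direct count of 1 <= x <= n with gcd(x, n) = 1, to cross-check the formula."""
    return sum(1 for x in range(1, n + 1) if gcd(x, n) == 1)


if __name__ == "__main__":
    # phi(105) = phi(3) phi(5) phi(7) = 2 * 4 * 6 = 48
    print(phi(105), phi_by_counting(105))
```

Running the script confirms $\phi(105) = 48$ both ways; the cross-check in the test below runs over every $n < 300$, which exercises repeated prime factors (e.g. $\phi(8) = 4$, $\phi(9) = 6$) as well as products of distinct primes.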

Numerical Calculations for Algorithms 

We want to do arithmetic modulo $N$ (some large number). The benchmark is the time to write down $N$, which is roughly the number of digits of $N$, i.e. $c \log N$ for some constant $c$.

Addition takes $\log N$ steps / time.

Multiplication takes $\log^2 N$ steps / time in the simplest way.



Karatsuba Multiplication. This is a faster algorithm for multiplication (see http://en.wikipedia.org/wiki/Karatsuba_algorithm#Algorithm); it reduces the time to $(\log N)^{\log 3 / \log 2}$.

Multiplication can be further improved by using Fast Fourier Transforms, to $\log N \cdot \mathrm{poly}(\log \log N)$.

Exponentiation: we want to compute $a^b \bmod N$, with $a$ at most $N$ and $b$ also small ($\le N$). The most obvious way would be repeated multiplication, taking $N \log^2 N$ steps, but it is better to use repeated squaring. Write $b$ in binary as

$$b = b_r b_{r-1} \ldots b_0 = 2^r b_r + 2^{r-1} b_{r-1} + \cdots + b_0,$$

then compute the successive squares $a^{2^i} \bmod N$ for $i = 0, 1, \ldots, r$, each by squaring the previous one mod $N$ (at most $\log^2 N$ for each). Then take the product of those $a^{2^i}$ for which $b_i = 1$, reducing mod $N$ after each multiplication,

$$a^b \equiv \prod_{i \,:\, b_i = 1} a^{2^i} \pmod N,$$

for a total of $\log b \cdot \log^2 N \le \log^3 N$ steps.
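Repeated squaring in Python, as an added example of my own (the notes give only the idea): the bits of $b$ are scanned from $b_0$ upward, the running square $a^{2^i} \bmod N$ is updated once per bit, and it is multiplied into the result exactly when $b_i = 1$. Each function also returns how many modular multiplications it performed, so the $\log b$ versus $b$ step counts quoted above can be compared directly. A naive repeated-multiplication version is included only for that comparison.

```python
def mod_pow(a, b, n):
    """Compute a**b mod n by repeated squaring.

    Returns (result, mults) where mults counts the modular multiplications
    (squarings plus products); it is at most 2 * (number of bits of b).
    """
    if n == 1:
        return (0, 0)          # everything is 0 mod 1
    result = 1
    base = a % n               # current value of a^(2^i) mod n
    mults = 0
    while b > 0:
        if b & 1:              # bit b_i is 1: include a^(2^i) in the product
            result = (result * base) % n
            mults += 1
        b >>= 1
        if b:                  # more bits to come: square to get a^(2^(i+1))
            base = (base * base) % n
            mults += 1
    return (result, mults)


def naive_mod_pow(a, b, n):
    """The obvious method: b successive multiplications by a, each reduced mod n."""
    result = 1 % n
    for _ in range(b):
        result = (result * a) % n
    return (result, b)


if __name__ == "__main__":
    # 3^1000 mod 1009: ~15 modular multiplications versus 1000.
    print(mod_pow(3, 1000, 1009))
    print(naive_mod_pow(3, 1000, 1009))
```

Both functions agree with Python's built-in three-argument `pow`; for $b = 1000$, which has 10 bits, the repeated-squaring version needs 9 squarings plus one product per 1-bit, while the naive loop needs 1000 multiplications.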